urlscan.io logo urlscan.io
SecurityTrails logo

ziraatbank.hrpeak.com Open in urlscan Pro
52.233.184.181  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ziraatbank.hrpeak.com/
Effective URL: https://ziraatbank.hrpeak.com/ac
Submission: On April 08 via manual from TR — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 35 HTTP transactions. The main IP is 52.233.184.181, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ziraatbank.hrpeak.com.
TLS certificate: Issued by R3 on January 23rd 2022. Valid for: 3 months.
This is the only time ziraatbank.hrpeak.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ziraat Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 3 52.233.184.181 8075 (MICROSOFT...)
18 2a02:26f0:170... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
35 9
3    52.233.184.181 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ziraatbank.hrpeak.com
18    2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.hrpeak.com
4    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:3032::6815:53d8 (United States)

ASN13335 (CLOUDFLARENET, US)
d.hrpeak.com
6    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
22 hrpeak.com
ziraatbank.hrpeak.com
cdn.hrpeak.com
d.hrpeak.com
235 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
590 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 4
25 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 279
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
35 5
Domain Requested by
18 cdn.hrpeak.com ziraatbank.hrpeak.com
cdn.hrpeak.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com ziraatbank.hrpeak.com
www.gstatic.com
www.google.com
3 ziraatbank.hrpeak.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 ssl.google-analytics.com ziraatbank.hrpeak.com
1 fonts.googleapis.com cdn.hrpeak.com
1 d.hrpeak.com ziraatbank.hrpeak.com
35 8

This site contains links to these domains. Also see Links.

Domain
www.hrpeak.com
Subject Issuer Validity Valid
*.hrpeak.com
R3		 2022-01-23 -
2022-04-23		 3 months crt.sh
cert00045-azurecdn.akamaized.net
R3		 2022-04-05 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-25 -
2023-03-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ziraatbank.hrpeak.com/ac
Frame ID: 45ABE4C8E0C392507F75942D6E703A63
Requests: 26 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
Frame ID: 896089782642FEA607072091BAD07E45
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3
Frame ID: 061F0CD2C529B6C559BF076969A6BB23
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Assessment Center Login

Page URL History Show full URLs

  1. http://ziraatbank.hrpeak.com/ HTTP 301
    https://ziraatbank.hrpeak.com/ HTTP 302
    https://ziraatbank.hrpeak.com/ac Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

35
Requests

100 %
HTTPS

88 %
IPv6

5
Domains

8
Subdomains

9
IPs

3
Countries

868 kB
Transfer

1769 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ziraatbank.hrpeak.com/ HTTP 301
    https://ziraatbank.hrpeak.com/ HTTP 302
    https://ziraatbank.hrpeak.com/ac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ac
ziraatbank.hrpeak.com/
Redirect Chain
  • http://ziraatbank.hrpeak.com/
  • https://ziraatbank.hrpeak.com/
  • https://ziraatbank.hrpeak.com/ac
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.233.184.181 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23b6495f3a797f62e7267f24bc80f1a4a294b96d66b76e950db05bc2058bd29f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
5448
content-type
text/html; charset=utf-8
date
Fri, 08 Apr 2022 14:38:29 GMT
request-context
appId=cid-v1:5741fa55-6ef6-4f19-8948-9ab7e64ea87d
vary
Accept-Encoding

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
626
content-type
text/html; charset=utf-8
date
Fri, 08 Apr 2022 14:38:29 GMT
location
/ac
request-context
appId=cid-v1:5741fa55-6ef6-4f19-8948-9ab7e64ea87d
jquery.js
cdn.hrpeak.com/js/ 		134 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/jquery.js?v=5D5E34
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
933f3acb19acff410685041bb173052eb679061a2ce80caa7fcbb33f489748f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"32b785f1b8f4d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=23774
accept-ranges
bytes
content-length
57032
default.js
cdn.hrpeak.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/default.js?v=909431
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0dc7bacc0f2d5b0387ac75e908e97edcc82a2e0fbb4a89f6766756826cf78b10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 23:04:14 GMT
server
Microsoft-IIS/10.0
etag
"d1b4ac539c35d81:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=385125
accept-ranges
bytes
content-length
900
dm.giris.css
cdn.hrpeak.com/css/ 		707 B
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/dm.giris.css?v=57AC7D
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce8cbedce9054ea03d386871b0eabfe2eb08335a818f64e8bbf2e80a5fa216ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"a5b120f1b8f4d61:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=536234
accept-ranges
bytes
content-length
501
api.js
www.google.com/recaptcha/ 		909 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c53876a5338b871d89fd91547214d13ccb9f0a12b165945a9ded7b71ee29865f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Fri, 08 Apr 2022 14:38:29 GMT
dm.giris.js
cdn.hrpeak.com/js/ 		651 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/dm.giris.js?v=FF99A0
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3463b9ecad75d203d89f0bb782862d41239513d6fc83f9843be0fe391eaa0d51

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Sat, 24 Apr 2021 13:47:58 GMT
server
Microsoft-IIS/10.0
etag
"f530d06f1039d71:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=458142
accept-ranges
bytes
content-length
467
form.js
cdn.hrpeak.com/js/genel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/genel/form.js?v=A63365
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
dabd666110f3148eec484a09fc05321c6c55caa2e3e406806ba0386893bb8bea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 07:57:23 GMT
server
Microsoft-IIS/10.0
etag
"8a889499ac1d71:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=449273
accept-ranges
bytes
content-length
1408
default.css
cdn.hrpeak.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/default.css?v=53068D
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f717c5f837ac6d6c6919ae998379590cbaab034fa1db7fdabdd1989aa14595d4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 03:30:51 GMT
server
Microsoft-IIS/10.0
etag
"3d8266c01c2dd81:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=388199
accept-ranges
bytes
content-length
1201
09.css
cdn.hrpeak.com/css/theme/ 		888 B
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/theme/09.css?v=BD568D
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4daf463d566f424cb29b534c973aa08d057174934031a0b4a49fa4f05a5719b8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 03:30:51 GMT
server
Microsoft-IIS/10.0
etag
"e5426cc01c2dd81:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=603222
accept-ranges
bytes
content-length
488
WebForms.js
cdn.hrpeak.com/js/WebForms/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/WebForms/WebForms.js?v=5B5D21
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
20ce63d9edc1c2aee134c440cfba7d0705d1c6c3c20461964b9310da22c2a5f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"bac880f1b8f4d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=103236
accept-ranges
bytes
content-length
6018
WebUIValidation.js
cdn.hrpeak.com/js/WebForms/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/WebForms/WebUIValidation.js?v=1CB7A4
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
54f4013748dd2ffead8e438f96340d290f51bd3b3c6af2a6c4b8f68eb58ffd07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 10:22:02 GMT
server
Microsoft-IIS/10.0
etag
"bf3413ac9b9d71:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=383251
accept-ranges
bytes
content-length
7238
Focus.js
cdn.hrpeak.com/js/WebForms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/js/WebForms/Focus.js?v=706CD6
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
53cc37d6a2667936323599a229b2683bfa9be8a7bf8a7099734b5b53641d3da9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"6ded7bf1b8f4d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43974
accept-ranges
bytes
content-length
983
P9Q89E8SC9AEW6CH6VHWZ4V4ZQ
d.hrpeak.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.hrpeak.com/P9Q89E8SC9AEW6CH6VHWZ4V4ZQ
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:53d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6750872782481c50484242a1e4d6dcfa856fae3d932154d384b476a0254638

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vu6ahC17GoOYyuhVDltzwleiEtiHFDJ6fZlTwelGDPPXBuozn4A8zU46QR%2BQX4PJZZE8o8q8ymlyCdrIsPSGsRJWY5HLzOKvwApghbVHYvzc8GDCBjH%2Bc4dRroR4nhbQHPbTIf0fA0aAXD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
content-disposition
Inline;FileName=Ziraat_Bankasi.png
cf-ray
6f8bbf3e7da2691b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dm_giris.png
cdn.hrpeak.com/images/dm/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hrpeak.com/images/dm/dm_giris.png?v=B63610
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a9a7f2ae27951564581f5a15b514cd1d1a9cdee987b223858656b7d3077135b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"bd434df1b8f4d61:0"
content-type
image/png
cache-control
max-age=596113
accept-ranges
bytes
content-length
50334
hrpeak.g.png
cdn.hrpeak.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.hrpeak.com/images/hrpeak.g.png?v=ECD763
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
635cbdc2e69cae69fab3a902ca10fc9ba4f1ee792e9b68886d0f6c6f13810e45

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"849079f1b8f4d61:0"
content-type
image/png
cache-control
max-age=17257
accept-ranges
bytes
content-length
2805
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cd943bcdaa0806c66e3aede530d7b9305d319c4b76b939d1a04737b508078b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ziraatbank.hrpeak.com/
Origin
https://ziraatbank.hrpeak.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145054
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Apr 2023 00:25:44 GMT
ortak.css
cdn.hrpeak.com/css/ 		21 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/ortak.css?v=20
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/default.css?v=53068D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
38b7534f19adc4492000f1de33e51f5104bedd0562ef3118f5abe60cddbf0a09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.hrpeak.com/css/default.css?v=53068D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 23:04:13 GMT
server
Microsoft-IIS/10.0
etag
"848781539c35d81:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=448643
accept-ranges
bytes
content-length
6828
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&&subset=latin,latin-ext
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/ortak.css?v=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 13:16:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 08 Apr 2022 14:38:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Apr 2022 14:38:30 GMT
font-awesome.min.css
cdn.hrpeak.com/css/vendor/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/vendor/font-awesome.min.css?v=2
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/ortak.css?v=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.hrpeak.com/css/ortak.css?v=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 07:57:22 GMT
server
Microsoft-IIS/10.0
etag
"6eda32499ac1d71:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=452625
accept-ranges
bytes
content-length
8332
form.css
cdn.hrpeak.com/css/genel/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/genel/form.css?v=2
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/ortak.css?v=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9ffe11162455dd4efa422bb96ab8d68aba28b4fdedb40771390c7f215528db4e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.hrpeak.com/css/ortak.css?v=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 07:57:22 GMT
server
Microsoft-IIS/10.0
etag
"1d4f2c499ac1d71:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=383767
accept-ranges
bytes
content-length
1667
tooltipster.bundle.min.css
cdn.hrpeak.com/css/vendor/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/vendor/tooltipster.bundle.min.css
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/genel/form.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.hrpeak.com/css/genel/form.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"fe6928f1b8f4d61:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=351865
accept-ranges
bytes
content-length
1477
tooltipster-sideTip-shadow.min.css
cdn.hrpeak.com/css/vendor/ 		2 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/vendor/tooltipster-sideTip-shadow.min.css
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/genel/form.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
970fb3515835fc779193ba0f88531ff29972b3c9cd76aba2fb1222fb97beeab6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.hrpeak.com/css/genel/form.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"fe6928f1b8f4d61:0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=352084
accept-ranges
bytes
content-length
464
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6455
date
Fri, 08 Apr 2022 12:50:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 08 Apr 2022 14:50:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ziraatbank.hrpeak.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 22:45:30 GMT
x-content-type-options
nosniff
age
229980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Apr 2023 22:45:30 GMT
fontawesome-webfont.woff2
cdn.hrpeak.com/css/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.hrpeak.com/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.hrpeak.com
URL: https://cdn.hrpeak.com/css/vendor/font-awesome.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://cdn.hrpeak.com/css/vendor/font-awesome.min.css?v=2
Origin
https://ziraatbank.hrpeak.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
last-modified
Wed, 27 Jan 2021 14:30:21 GMT
server
Microsoft-IIS/10.0
etag
"964e23f1b8f4d61:0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=507669
accept-ranges
bytes
content-length
77160
anchor
www.google.com/recaptcha/api2/ Frame 8960 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__nl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c73e1802c26408b829a2f8b081e50637ce54641060a2ad7252757640e3d6fb45
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kg6bhHtC1rraNwW0ourBtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ziraatbank.hrpeak.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22958
content-security-policy
script-src 'report-sample' 'nonce-Kg6bhHtC1rraNwW0ourBtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Apr 2022 14:38:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 8960 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:37:18 GMT
x-content-type-options
nosniff
age
3672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52582
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 13:37:18 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 8960 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cd943bcdaa0806c66e3aede530d7b9305d319c4b76b939d1a04737b508078b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145054
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Apr 2023 00:25:44 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2088284792&utmhn=ziraatbank.hrpeak.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Assessment%20Center%20Login&utmhid=1766664629&utmr=-&utmp=%2Fac&utmht=1649428710298&utmac=UA-6395679-13&utmcc=__utma%3D79664287.1541886595.1649428710.1649428710.1649428710.1%3B%2B__utmz%3D79664287.1649428710.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=688427566&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: ziraatbank.hrpeak.com
URL: https://ziraatbank.hrpeak.com/ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ziraatbank.hrpeak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 14:38:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8960 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8960 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8960 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 07 Apr 2022 19:40:09 GMT
x-content-type-options
nosniff
age
68301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Apr 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8960 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
271225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Apr 2023 11:18:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8960 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
543b6c3230202c4495a1e649b45cc3b00ed1bf9f46b0b6f5e667752eebe010cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3&co=aHR0cHM6Ly96aXJhYXRiYW5rLmhycGVhay5jb206NDQz&hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&size=normal&cb=wbf6zt1nkp4m
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:38:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Fri, 08 Apr 2022 14:38:30 GMT
bframe
www.google.com/recaptcha/api2/ Frame 061F 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
99f1828094f1dc2f02139b84b087cb9f2ea5a8a494db30e98b990cc2a3a47faf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3kjeb3Kf4Sd13+zIxC89HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ziraatbank.hrpeak.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1110
content-security-policy
script-src 'report-sample' 'nonce-3kjeb3Kf4Sd13+zIxC89HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Apr 2022 14:38:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 061F 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 13:37:18 GMT
x-content-type-options
nosniff
age
3672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52582
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Apr 2023 13:37:18 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/ Frame 061F 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Y-cOIEkAqcfDdup_qnnmkxIC/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=Y-cOIEkAqcfDdup_qnnmkxIC&k=6Lcc-BQUAAAAAHwj2ic-sHlM2U5_g9iCkQnvlzr3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cd943bcdaa0806c66e3aede530d7b9305d319c4b76b939d1a04737b508078b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 00:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145054
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 04:02:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Apr 2023 00:25:44 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ziraat Bank (Banking)

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery object| alertify function| MenuAc function| MenuGizle function| SayfaMenuAc function| SayfaMenuKapat function| LogError object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| correctCaptcha function| onloadCallback function| AciklamaOlustur function| AciklamaSoruIsaretiOlustur function| FileUpload object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| WebForm_OnSubmit object| _gaq object| Page_Validators object| C_R_GIRIS_KOD boolean| Page_ValidationActive function| ValidatorOnSubmit object| Page_ValidationSummaries object| closure_lm_506505 number| review_recaptcha_widget object| _gat object| gaGlobal

11 Cookies

Domain/Path Name / Value
ziraatbank.hrpeak.com/ Name: ASP.NET_SessionId
Value: r23ngkyml1b0v0ow2bopnind
ziraatbank.hrpeak.com/ Name: RU
Value:
ziraatbank.hrpeak.com/ Name: 89B86AB0E66F527166D98DF92DDBCF5416ED58F6
Value: 1
ziraatbank.hrpeak.com/ Name: __RequestVerificationToken
Value: 1e2lAlJp95ivkB0yqArvxF1THBcJz-PKeCuS3dRsQ_xnXT3YfaUFotjGeymbl_ky0feZ3E0lcYG2F1xrNslLjR9NS1I1
.ziraatbank.hrpeak.com/ Name: ARRAffinity
Value: f719e447d4512d81944a434dc4c496e3ec170767571d0deb425ad1d9a4cdb04e
.ziraatbank.hrpeak.com/ Name: ARRAffinitySameSite
Value: f719e447d4512d81944a434dc4c496e3ec170767571d0deb425ad1d9a4cdb04e
.ziraatbank.hrpeak.com/ Name: __utma
Value: 79664287.1541886595.1649428710.1649428710.1649428710.1
.ziraatbank.hrpeak.com/ Name: __utmc
Value: 79664287
.ziraatbank.hrpeak.com/ Name: __utmz
Value: 79664287.1649428710.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.ziraatbank.hrpeak.com/ Name: __utmt
Value: 1
.ziraatbank.hrpeak.com/ Name: __utmb
Value: 79664287.1.10.1649428710

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.hrpeak.com
d.hrpeak.com
fonts.googleapis.com
fonts.gstatic.com
ssl.google-analytics.com
www.google.com
www.gstatic.com
ziraatbank.hrpeak.com
2606:4700:3032::6815:53d8
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:829::2003
2a00:1450:4001:831::2008
2a02:26f0:1700:d::1737:6ea4
52.233.184.181
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0dc7bacc0f2d5b0387ac75e908e97edcc82a2e0fbb4a89f6766756826cf78b10
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cd943bcdaa0806c66e3aede530d7b9305d319c4b76b939d1a04737b508078b1
20ce63d9edc1c2aee134c440cfba7d0705d1c6c3c20461964b9310da22c2a5f2
23b6495f3a797f62e7267f24bc80f1a4a294b96d66b76e950db05bc2058bd29f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3463b9ecad75d203d89f0bb782862d41239513d6fc83f9843be0fe391eaa0d51
38b7534f19adc4492000f1de33e51f5104bedd0562ef3118f5abe60cddbf0a09
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4daf463d566f424cb29b534c973aa08d057174934031a0b4a49fa4f05a5719b8
53cc37d6a2667936323599a229b2683bfa9be8a7bf8a7099734b5b53641d3da9
543b6c3230202c4495a1e649b45cc3b00ed1bf9f46b0b6f5e667752eebe010cf
54f4013748dd2ffead8e438f96340d290f51bd3b3c6af2a6c4b8f68eb58ffd07
635cbdc2e69cae69fab3a902ca10fc9ba4f1ee792e9b68886d0f6c6f13810e45
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
933f3acb19acff410685041bb173052eb679061a2ce80caa7fcbb33f489748f9
970fb3515835fc779193ba0f88531ff29972b3c9cd76aba2fb1222fb97beeab6
99f1828094f1dc2f02139b84b087cb9f2ea5a8a494db30e98b990cc2a3a47faf
9ffe11162455dd4efa422bb96ab8d68aba28b4fdedb40771390c7f215528db4e
a9a7f2ae27951564581f5a15b514cd1d1a9cdee987b223858656b7d3077135b3
c53876a5338b871d89fd91547214d13ccb9f0a12b165945a9ded7b71ee29865f
c73e1802c26408b829a2f8b081e50637ce54641060a2ad7252757640e3d6fb45
ce8cbedce9054ea03d386871b0eabfe2eb08335a818f64e8bbf2e80a5fa216ef
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
dabd666110f3148eec484a09fc05321c6c55caa2e3e406806ba0386893bb8bea
dc6750872782481c50484242a1e4d6dcfa856fae3d932154d384b476a0254638
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f717c5f837ac6d6c6919ae998379590cbaab034fa1db7fdabdd1989aa14595d4